|
Family: CGI abuses : XSS --> Category: infos
IMP HTML MIME Viewer XSS Vulnerabilities Vulnerability Scan
Vulnerability Scan Summary Checks for HTML MIME Viewer XSS vulnerabilities in IMP
Detailed Explanation for this Vulnerability Test
The target is running at least one instance of IMP whose version number
is between 3.0 and 3.2.5 inclusive. Such versions are vulnerable to
several XSS attacks when viewing HTML messages with the HTML MIME viewer
and certain browsers. For additional information, see the 3.2.6 release
announcement:
http://lists.horde.org/archives/imp/Week-of-Mon-20040920/039246.html
***** Nessus has acertaind the vulnerability exists on the target
***** simply by looking at the version number of IMP installed there.
Solution : Upgrade to IMP version 3.2.6 or later.
Threat Level: Medium
Click HERE for more information and discussions on this network vulnerability scan.
|